Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/440b3734-74c6-4eea-9712-42440de9c3b4.roa
File: 440b3734-74c6-4eea-9712-42440de9c3b4.roa (raw, json)
Hash identifier: vxHVw7sVcf47MehvJeiezaV9+U5IHL4lZCzgLShj+ig=
Subject key identifier: 54:20:F7:CA:48:B6:FB:E9:0D:89:70:F8:86:BB:DE:E2:E7:47:A9:61
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 620CC11A606AFA17388447DA622A05E9EAB9A04D
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/440b3734-74c6-4eea-9712-42440de9c3b4.roa
Signing time: Mon 26 May 2025 15:20:50 +0000
ROA not before: Mon 26 May 2025 15:20:50 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 00:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:0c:c1:1a:60:6a:fa:17:38:84:47:da:62:2a:05:e9:ea:b9:a0:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:20:50 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=ab097634bde6ba96cdb85c43ea227e5807efb80773132de123cd6ab1c64babad, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a0:dc:6b:ee:5b:b2:55:0b:81:4d:77:81:ca:
3e:f4:75:9c:0c:4a:c9:ee:6f:1a:94:9b:53:9b:d4:
6d:4d:8d:df:ad:07:14:22:b5:05:0b:8e:8d:1a:7b:
08:95:f6:dc:ad:24:52:fa:e1:f0:48:69:09:7f:5d:
50:21:05:9e:d8:e0:c8:e3:28:af:83:84:18:12:f9:
ef:80:b1:aa:ad:a5:90:bf:c1:07:71:cf:3d:ea:e7:
fb:d1:11:ba:55:88:19:c6:8b:59:98:f7:aa:a7:c3:
60:02:9f:7e:cd:25:12:58:62:67:f0:e9:51:42:84:
5b:2a:f0:6e:fe:c0:b6:23:b6:19:1a:a1:2b:64:f3:
52:f9:ff:9b:af:f8:73:49:60:b8:f1:d6:51:46:3f:
d1:41:0f:70:00:4c:ae:e8:7d:38:ce:bc:a0:c4:7b:
82:94:b4:b9:83:40:35:ab:6e:4d:ab:e3:df:9e:e4:
4e:8d:ba:57:0f:62:60:77:6b:3d:08:cb:e8:1c:d5:
5f:63:34:46:bd:72:91:83:34:b1:8d:af:83:c6:fe:
e3:aa:ff:f8:9c:2d:f6:5d:c3:0f:de:ec:56:b8:5b:
0d:77:73:d9:54:2c:89:6d:8e:35:fd:6a:49:da:59:
24:d6:4a:6c:b5:4e:b4:b4:93:f3:bf:4a:9f:2e:68:
d9:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:20:F7:CA:48:B6:FB:E9:0D:89:70:F8:86:BB:DE:E2:E7:47:A9:61
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/440b3734-74c6-4eea-9712-42440de9c3b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7::/36
Signature Algorithm: sha256WithRSAEncryption
9b:4c:44:5a:73:d5:36:f5:56:cb:b9:db:a6:b2:e5:a4:e9:21:
b9:ec:69:59:bf:37:36:8f:4c:a5:c4:ae:15:f6:40:da:67:f8:
c0:2f:2b:25:5a:68:a0:3c:11:04:0a:9a:38:57:a7:c9:5e:a7:
3b:df:90:7f:f8:bc:4c:ca:15:43:42:f5:1d:7c:4c:c8:b8:ae:
32:d2:aa:45:d0:21:23:60:1e:fe:8e:ef:4f:76:33:9e:de:53:
7f:fd:47:0b:52:75:4e:0a:20:00:07:00:62:54:82:e4:23:92:
ab:61:e0:c2:c9:99:94:9c:37:b3:c5:67:13:07:e3:08:dc:0f:
9e:ef:8e:bf:f8:ab:a1:67:12:5a:ca:4f:ae:8b:89:51:9a:2a:
e6:70:93:6e:82:f8:81:cf:f9:23:52:52:f3:52:e0:41:f0:1d:
1b:d7:e6:28:3d:80:d3:92:ec:43:63:31:cf:41:bb:c6:a4:aa:
3e:25:e4:9a:2a:fc:f2:41:6a:89:dc:67:9b:14:83:21:8b:65:
a6:3e:f1:cb:6c:76:84:8a:7b:ee:07:04:2d:5b:be:be:bf:45:
74:13:30:69:ee:a9:ae:9f:c3:97:38:02:00:d8:b0:8b:95:31:
a7:bd:ab:e3:ac:e7:35:5c:73:5a:b3:b9:39:80:89:15:de:34:
f8:e4:81:9d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYgzBGmBq+hc4hEfaYioF6eq5oE0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTIwNTBaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiMDk3NjM0YmRlNmJhOTZjZGI4NWM0M2VhMjI3ZTU4MDdlZmI4MDc3MzEz
MmRlMTIzY2Q2YWIxYzY0YmFiYWQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKag3GvuW7JVC4FNd4HKPvR1nAxKye5vGpSbU5vUbU2N360HFCK1BQuOjRp7
CJX23K0kUvrh8EhpCX9dUCEFntjgyOMor4OEGBL574Cxqq2lkL/BB3HPPern+9ER
ulWIGcaLWZj3qqfDYAKffs0lElhiZ/DpUUKEWyrwbv7AtiO2GRqhK2TzUvn/m6/4
c0lguPHWUUY/0UEPcABMruh9OM68oMR7gpS0uYNANatuTavj357kTo26Vw9iYHdr
PQjL6BzVX2M0Rr1ykYM0sY2vg8b+46r/+Jwt9l3DD97sVrhbDXdz2VQsiW2ONf1q
SdpZJNZKbLVOtLST879Kny5o2VUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRUIPfK
SLb76Q2JcPiGu97i50epYTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDQwYjM3MzQtNzRjNi00ZWVhLTk3MTItNDI0NDBkZTljM2I0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8cA
MA0GCSqGSIb3DQEBCwUAA4IBAQCbTERac9U29VbLudumsuWk6SG57GlZvzc2j0yl
xK4V9kDaZ/jALyslWmigPBEECpo4V6fJXqc735B/+LxMyhVDQvUdfEzIuK4y0qpF
0CEjYB7+ju9PdjOe3lN//UcLUnVOCiAABwBiVILkI5KrYeDCyZmUnDezxWcTB+MI
3A+e746/+KuhZxJayk+ui4lRmirmcJNugviBz/kjUlLzUuBB8B0b1+YoPYDTkuxD
YzHPQbvGpKo+JeSaKvzyQWqJ3GebFIMhi2WmPvHLbHaEinvuBwQtW76+v0V0EzBp
7qmun8OXOAIA2LCLlTGnvavjrOc1XHNas7k5gIkV3jT45IGd
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:23:03 2025 by rpki-client